Mozilla Foundation Security Advisory 2009-56

Heap buffer overflow in GIF color map parser

This flaw does not affect products built on the Gecko 1.8 browser engine such as Thunderbird 2.

Description

Security research firm iDefense reported that researcher regenrecht discovered a heap-based buffer overflow in Mozilla's GIF image parser. This vulnerability could potentially be used by an attacker to crash a victim's browser and run arbitrary code on their computer.